日月出行
blame | 历史 | 原始文档
xuhy
2023-08-11 9f883e7eb1b181aab1a2dc36765a1d11e39cf532 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

package com.stylefeng.guns.rest.modular.auth.filter;


 


import com.stylefeng.guns.core.base.tips.ErrorTip;


import com.stylefeng.guns.core.util.RenderUtil;


import com.stylefeng.guns.rest.common.exception.BizExceptionEnum;


import com.stylefeng.guns.rest.config.properties.JwtProperties;


import com.stylefeng.guns.rest.modular.auth.util.JwtTokenUtil;


import io.jsonwebtoken.JwtException;


import org.apache.commons.logging.Log;


import org.apache.commons.logging.LogFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.web.filter.OncePerRequestFilter;


 


import javax.servlet.FilterChain;


import javax.servlet.ServletException;


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpServletResponse;


import java.io.IOException;


 


/**


 * 对客户端请求的jwt token验证过滤器


 *


 * @author fengshuonan


 * @Date 2017/8/24 14:04


 */


public class AuthFilter extends OncePerRequestFilter {


 


    private final Log logger = LogFactory.getLog(this.getClass());


 


    @Autowired


    private JwtTokenUtil jwtTokenUtil;


 


    @Autowired


    private JwtProperties jwtProperties;


 


    @Override


    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {


        if (request.getServletPath().equals("/" + jwtProperties.getAuthPath())) {


            chain.doFilter(request, response);


            return;


        }


        final String requestHeader = request.getHeader(jwtProperties.getHeader());


        String authToken = null;


        if (requestHeader != null && requestHeader.startsWith("Bearer ")) {


            authToken = requestHeader.substring(7);


 


            //验证token是否过期,包含了验证jwt是否正确


            try {


                boolean flag = jwtTokenUtil.isTokenExpired(authToken);


                if (flag) {


                    RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_EXPIRED.getCode(), BizExceptionEnum.TOKEN_EXPIRED.getMessage()));


                    return;


                }


            } catch (JwtException e) {


                //有异常就是token解析失败


                RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_ERROR.getCode(), BizExceptionEnum.TOKEN_ERROR.getMessage()));


                return;


            }


        } else {


            //header没有带Bearer字段


            RenderUtil.renderJson(response, new ErrorTip(BizExceptionEnum.TOKEN_ERROR.getCode(), BizExceptionEnum.TOKEN_ERROR.getMessage()));


            return;


        }


        chain.doFilter(request, response);


    }


}